The newest phishing scam showed up today – maybe it’s been around a while?
First you get the Direct Message – this one forwarded to my email:
The link in the DM/email takes you to a site that is a perfect replica of the (old) Twitter logon screen.
But wait.
ALWAYS check the URL before you type in your username/password.
They even bothered to include the Twitter favicon, but the url is…
And here’s who owns THAT URL, via a public Whois search…
Registrant Contact:
jiang wen bin
jiang wen bin jiang wen bin lixing688@gmail.com
+86.0517757813719 fax: +86.0517757813719
jin hua chang jiang lu 125 hao5zhuang 603
jin hua ZJ 345634
CN
Administrative Contact:
jiang jiang lixing688@gmail.com
+86.02163883527 fax: +86.02163883527
jinghua Changjiang east street 1255603
jing hua SH 345634
CN
Technical Contact:
jiang wen bin jiang wen bin lixing688@gmail.com
+86.0517757813719 fax: +86.0517757813719
jin hua chang jiang lu 125 hao5zhuang 603
jin hua ZJ 345634
CN
Billing Contact:
jiang wen bin jiang wen bin lixing688@gmail.com
+86.0517757813719 fax: +86.0517757813719
jin hua chang jiang lu 125 hao5zhuang 603
jin hua ZJ 345634
CN
DNS:
ns1.4everdns.com
ns2.4everdns.com
Nice detective work, Robert. Will you send an alert to gmail and 4everdns.com, too?
Creative little bastards, these phishers! If only their talents were turned to good instead of evil (as Batman would say to his caped companion…).
…r
I’ve emailed Twitter’s legal folks.